USFDA 483 / UCB Farchim SA/ June 2023 / Gaps in Data Integrity program, lack of Quality oversight

Observation 1

Inadequate Quality oversight over Quality control (QC) operations and Gap in Data Integrity programme

Interrupted chromatographic runs are not documented, evaluated, trended. Interrupted sequences generated errors like “Data Incomplete” and “Missing Data” chromatographic data Empower 3 chromatography software. Quality Unit was not aware that the software has the capability to verify the incomplete data and evaluate whether the sample did run, and if so, view the chromatogram. Test runs are manually interrupted via a “user abort” function but are  not document and/or trended.

No adequate Data Integrity program and comprehensive review of electronic data by Quality Assurance unit whether batch to batch or on established timeframe (only an analyst verifies laboratory work after which the QA unit confirms QC review)

QA/QC personnel can delete data irrevocably from desktops; during walkthrough QA personnel was observed deleting a recently issued batch manufacturing record. IT was able to determine name of files deleted dating back to six months, however the documents are not able to be restored.

Manufacturing batch records issued to production are not adequately controlled, no systems /unique identifiers on batch records to prevent generation of additional copies outside the Firm’s document control system

Observation 2

Appropriate controls are not exercised over computers or related systems. Performance verification is performed on Empower 3 chromatographic software, but no processes or systems to ensure consistent performance of the software/equipment over a specified period and operating environment. Empower 3 chromatography software generated “Data Incomplete” and “Missing Data” chromatographic data for interrupted chromatographic runs. Firm lacked understanding of different types of communication errors and circumstances which may lead to such errors considering relationship between Empower application and database server, Empower RDS servers, LAN cables, Empower LAC/Es, and the instruments connected to LAC/Es.

Observation 1

Inadequate Quality oversight over Quality control (QC) operations and Gap in Data Integrity programme

Interrupted chromatographic runs are not documented, evaluated, trended. Interrupted sequences generated errors like “Data Incomplete” and “Missing Data” chromatographic data Empower 3 chromatography software. Quality Unit was not aware that the software has the capability to verify the incomplete data and evaluate whether the sample did run, and if so, view the chromatogram. Test runs are manually interrupted via a “user abort” function but are  not document and/or trended.

No adequate Data Integrity program and comprehensive review of electronic data by Quality Assurance unit whether batch to batch or on established timeframe (only an analyst verifies laboratory work after which the QA unit confirms QC review)

QA/QC personnel can delete data irrevocably from desktops; during walkthrough QA personnel was observed deleting a recently issued batch manufacturing record. IT was able to determine name of files deleted dating back to six months, however the documents are not able to be restored.

Manufacturing batch records issued to production are not adequately controlled, no systems /unique identifiers on batch records to prevent generation of additional copies outside the Firm’s document control system

Observation 2

Appropriate controls are not exercised over computers or related systems. Performance verification is performed on Empower 3 chromatographic software, but no processes or systems to ensure consistent performance of the software/equipment over a specified period and operating environment. Empower 3 chromatography software generated “Data Incomplete” and “Missing Data” chromatographic data for interrupted chromatographic runs. Firm lacked understanding of different types of communication errors and circumstances which may lead to such errors considering relationship between Empower application and database server, Empower RDS servers, LAN cables, Empower LAC/Es, and the instruments connected to LAC/Es.

Implementing procedures and processes for control of electronic data and review of the data is fundamental to cGMP (Guidelines :USFDA: ECFR – 21 Part 11; EC EudraLex (Europe): Annex 11: Computerised Systems). Companies should implement Data Integrity programs (Refer Guidelines page: Data Integrity – USFDA, EMA, MHRA, WHO, PIC/S) complying with regulatory guidelines.

The EMA Guidance on good manufacturing practice and good distribution practice: Questions and answers on Data Integrity categorically emphasizes – electronic data is the original record must be reviewed…prior to making batch release decisions….when.review is based solely on printouts there is potential for records to be excluded from the review process which may contain un-investigated out of specification data or other data anomalies. USFDA Guideline on Data Integrity and Compliance With Drug CGMP – Questions and Answers also makes clear regulatory expectations on Data Integrity and review of electronic records.. Invalidating test results to exclude them from quality unit decisions about conformance to a specification requires a valid, documented, scientifically sound justification (Q2)… FDA expects processes to be designed so that data required to be created and maintained cannot be modified without a record of the modification….(In chromatographic data) aborted or incomplete injections should be captured in audit trails and should be investigated and justified (Q12). These guidelines also makes clear expectations with respect to control of other records such as Batch records and other paper documentation and blank forms used for recording data – unique reference number, version control, control of distribution ensuring traceability of distribution, systems like secure stamps or paper color coding to avoid photocopying, documents controlled by a document control group,  reconciliation of issued documents, archiving incomplete / erroneous documents along with permanent records. The guidelines also specify the requirement of the Quality unit to review and approve production and control (including laboratory control) records. Any rights to alter files and settings (in GxP systems), should be assigned to personnel independent from those responsible for the record content. Data audit trails should be reviewed, frequency of review of cGMP data associated with batch release – e.g. batch analysis related data  – shall be before each batch (same frequency as specified in cGMP regulations). For other data where frequency is not specified in cGMP regulations, frequency of review shall be defined based on data criticality and risk assessment (Q8 – USFDA Guidance on Data Integrity). Audit trials shall cover attempt to rename or delete files.

In line with these regulatory requirements, Companies should establish well defined procedures and checklists for review of all electronic data generated in Quality control (as well as other GxP systems), for networked as well as standalone systems. Procedures shall be defined for review of electronic data at different levels and frequency of review – batch to batch as well as periodic. The review of electronic data after every batch should look at aspects such as (but not limited to) – interrupted chromatographic runs (both systems generated as well as any manual interventions), deletion of data, sequence, appropriate integration, manual integration events, repeat injections, single injections. This should be part of batch analysis review against a well-defined checklist. This shall be reviewed by QC reviewer, authorised by QC head and should be supported by appropriate printouts of the audit trails from the system. QA shall verify these checklists as part of Batch release review which include batch records and associated documents like quality events and batch analysis data. Apart from this there shall be periodic review of the electronic data by the Quality Assurance unit, again driven by well-defined procedures and checklists. These will include (but not limited to) verification of deletion of data, data folder management, user access data (User logins, system access only by authorised users), password policies, User privileges, date/ time controls, data back ups, data retrievals, samples of batch analysis data. Any discrepancies observed during such reviews shall be logged as Quality events and investigated. If the investigation identifies issues such as (but not limited to) human errors, computer system or software issues, lack of awareness and skills or even wilful manipulations, the frequency of the periodic evaluations may need to be tightened, CAPAs taken. For example, if a chromatographic run is interrupted before a standard injection the incident may be logged as a deviation or a laboratory incident and investigated, If such interruptions are due to chromatographic system and recur frequently this calls for a root cause evaluation involving the Instrument supplier. If the interruptions or abort runs are after standard and / or sample injections they shall be logged as deviations and investigated. If both standard and sample are injected but sequence is interrupted / aborted, the review shall also look at whether the run would have generated an OOS result, probable causes. Even when there is batch-to-batch review of electronic data, there should be a periodic review of the computerised systems as well. This is to confirm systems continue to perform and comply over time. Not having a periodic electronic data and computerised systems review can be interpreted as not having system for ensuring continued performance and compliance of the system.

All GxP computerised systems shall be compliant with requirements of electronic data controls – whether it is laboratory systems or other desktops used by QA / QC personnel for GxP activities such as issuance of batch records. Data deletion features at user levels shall be disabled in such systems. If computerised systems are used for printing/ issuance of batch records, it shall be through an appropriate GxP compliant Document Management system (DMS) with capabilities for tracking the number of copies generated with unique identifiers. The issued batch records (other blank forms and paper documents to record data) should have controls to prevent generation of copies (such as issue stamp and signature on every page) or such other features.

Equally important is to ensure that the personnel who operate and supervise the systems have adequate knowledge and skills. One may have the best software solutions / computerised system which are fully compliant as per suppliers’ claims, but unless the people who use, operate and manage the system are aware of the system functionality, compliance cannot be ensured. If personnel are not aware what are the compliance features of the system and know how this should be verified, one will not be able to vouch for the continued performance and compliance of the system. It is as good as being noncompliant and will be interpreted as such.

As detailed above systems and processes for control of electronic data, document controls, review of electronic data and audit trials are fundamental to GMP. Companies not sure about their controls, processes and procedures over the same would do well to:

Perform a comprehensive assessment covering all laboratory instruments (chromatographic systems, spectroscopic systems, other equipment and systems which generate electronic data – both networked as well as standalone systems). Do the assessment against a well defined protocol and checklists developed addressing the requirements of USFDA & European guidelines on control of computerised systems, electronic data, data integrity. Consider involving third party experts and also take support of the instrument suppliers if inhouse skills and experience is limited.  The scope of the assessment should cover all batches and products within expiry, their supporting data like method validations, method verifications, process validations, stability data. The assessment should be designed to identify all gaps such as interrupted runs, aborted runs, repeat injections and other deviations from the regulatory expectations as well as broader aspects of electronic data controls – data backup, data deletion, user access controls and so on. Each batch, activity where deviations are observed shall be further investigated for cause of deviation, whether the batch quality is impacted (e.g. whether it has resulted in OOS batches being released to market, stability failures) or the processes and controls are impacted (e.g. Method validations, process validations). Based on the investigation initiate remediation actions – recall (where product quality is impacted), revalidation of methods, processes.

A similar assessment and investigation and remediation programme should be extended to other GxP systems generating electronic data (such as manufacturing equipment, HMIs & PLC systems,  environmental control systems, utilities like water system).

Perform an assessment of all computer systems, desktops, laptops… used by personnel involved in GxP activities, GxP activities and processes for Document issuance and controls – Whether documents / data can be saved to individual systems or only to secure data folders, does users have access to data folders and to delete files, folders; are there controlled document issuance and control procedures addressing batch records, analytical record sheets and of GxP blank Forms and records. The ICHQ7A guideline elaborates the requirements of a Document control system; assess the robustness of the system in line with the requirements of ICHQ7A – Defined control procedures, Identification, Traceability, Version controls, Authenticity, Retention, Indelible records. (Qvents has multiple posts discussing the issue – Refer 1) USFDA 483 / UCB… Deficiencies in Document control 2) Warning letter / Centaur …Uncontrolled cGMP documents

Based on the assessments and investigations implement comprehensive corrective actions – 1) Procedures for electronic data review and control, batch  to batch and periodic review of audit trails, 2) Enhanced document control procedures, 3) Control of computerised systems, desktops, laptops used by personnel involved in GxP activities – disabling provision for saving data on local hard drives, disabling provisions for deletion of data from individual systems, user access controls, procedures for system backup. 4)Also establish internal audit / review mechanisms to review and track compliance to the defined procedures

Training and skills development programme for the Quality control, Quality unit personnel on the GxP software’s like Empower 3 and others – review of data, review of audit trails, errors and warning messages, operations. Establish similar programmes for other operating personnel on different GxP equipment and systems (like manufacturing equipment, utility systems, environmental monitoring systems).